I’m running VPN-1 UTM and this trick worked fine. Looking at the registry, there are several keys under HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\ which look to pertain to whichever version you have installed. Under the top level key HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\ is a “CurrentVersion” String. Mine is “6.0” so I navigated to HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\6.0 and created the “FWLOGDIR” string there, restarted the…

*UPDATED Now replaced with a simple one-line command:
openssl req -newkey rsa:1024 -keyout my.servername.key -nodes -x509 -days 999 -out my.servername.crt
The above command will generate a self-signed certificate and key (used for signing the certificate).
OLD Method: Generating SSL keys for use with Apache. Two files are required to generate your own secure…

Using .htaccess files with Apache
Outside of your web directory (best in /home/httpd/) you need to create the file(s) (you can have more than one) that contain the user names and passwords.
Step 1: This can be done thus:
htpasswd /home/httpd/.sysinfo admin
Note the dot (.) in front of .sysinfo !!!! (that’s a hidden…

Traffic which should be blocked by routers (Cisco specific)
There are a number of Internet addresses and packet types which a site router should always block. In most cases there is no legitimate reason for this traffic to appear on a public network, so any occurrence indicates either a misconfigured host somewhere on the Internet…

*** NOTE: this was written several years ago – but may still be useful *** VLANS Increase security and ease administration and relocation. Break up broadcast domains. VLANS work at layer 2 and 3 of OSI model. Communication between VLANs uses layer 3 routing. 3 ways of assigning a switched port to VLANs: Port-Centric –…

** note – this is several years old now – but much of it is still useful ** Cisco CCNA Certification Study Guide Ctrl+Shift+6 then X – Allows you to open more than one telnet session. Only the Hardware addresses change when packets go through routers. Half duplex Ethernet – One station can only send…

CISCO – Blocking broadcast traffic. We’ve had some requests for examples of how to filter broadcast traffic. As with a lot of things in the computer world, “there is more than one way to do it.” If your network is composed *only* of /24 allocations (i.e. you’re not supernetting or subnetting anywhere on class C’s,…